Zoom Sued over Code that Sends User Data to Facebook

The worldwide COVID-19 outbreak has caused thousands of people to merge their working and home lives. Making the transition slightly easier has been video conferencing platform, Zoom.

Zoom has seen an unprecedented surge in users over the last few months as employees navigate virtual offices from the comfort of their homes. However, what seemed like a great way to connect with co-workers has quickly turned into a Class Action Lawsuit against the platform.

Vice reports that “by analyzing the network traffic of the Zoom iOS app, Motherboard found that when opened, the app sent information about the user’s device such as the model, the city and timezone they are connecting from, which phone carrier they are using, and a unique advertiser identifier created by the user’s device”.

Pat Walshe, Privacy Matters activist, says “[it’s] shocking. There is nothing in the privacy policy that addresses [it]” – meaning the data is shared without the user’s permission or knowledge.

After the news initially broke, Zoom tried to get ahead of the issue by pushing an update that simply removed the code linked to the transferring of private data.

However, a statement pulled directly from the lawsuit reads “Zoom appears to have taken no action to block any of the prior versions of the Zoom App from operating. Thus, unless users affirmatively update their Zoom App, they likely will continue to unknowingly send unauthorized personal information to Facebook, and perhaps other third parties. Zoom could have forced all iOS users to update to the new Zoom App to continue using Zoom but appears to have chosen not to’.

iOS researcher and founder of privacy-focused iOS app Guardian, Will Strafach says that it is now up to users to decide how they feel about Zoom.